Since May 2018 there has been a significant change to the UK data protection framework, with the General Data Protection Regulation (GDPR) and the new Data Protection Act 2018 (DPA 2018) now in force. Brexit is just around the corner, together with a new ePrivacy Regulation which will replace the current ePrivacy Directive implemented in the UK by the Privacy and Electronic Communications (EC Directive) Regulations 2003.

The GDPR and DPA 2018 provide stronger privacy rights for individuals and impose more prescriptive compliance obligations on those processing personal data, including local authorities. There is also a separate legal framework under Part 3 of the DPA 2018 for law enforcement processing. The ICO has a new and more robust set of enforcement tools at her disposal, including the power to fine public authorities up to £17m for serious breaches. Individuals also have stronger rights to compensation where data breaches occur. The consequences of non-compliance are therefore significantly more serious under the new data protection regime.

Local authorities need to ensure they are complying with the new regime and that they have data protection officers, information practitioners and lawyers in their legal teams who fully understand the new legal framework, how it applies to their authorities, the risks the framework creates and how to mitigate those risks.

This intensive one-day GDPR masterclass will provide delegates with a full introduction to the new data protection framework and what it means for local authorities including:

an overview of the legal framework and the latest implications of Brexit

the key changes introduced by GDPR and DPA 2018

a deep dive into various topics including the role of the DPO, lawful processing, individuals’ rights, compliance requirements, exemptions, law enforcement processing, identifying and managing data breaches, the ICO's enforcement powers and the risks associated with compensation claims

horizon scanning future developments, including the impact of the new ePrivacy Regulation

The workshops will be practical and interactive with plenty of time for discussion and group exercises including case studies. The materials will also provide a pack of practical resources for information practitioners, including checklists and guides.

Target audience

This masterclass is ideal for all local authority information practitioners, data protection lawyers and data protection officers.

Level

Intermediate

This masterclass will cover the following aspects of the SRA’s Statement of solicitor competence:

A2 Maintain the level of competence and legal knowledge needed to practice effectively, taking into account changes in their role and/or practice context and developments in the law

A4 Draw on sufficient detailed knowledge and understanding of their field(s) of work and role in order to practice effectively

D1 Initiate, plan, prioritise and manage work activities and projects to ensure that they are completed efficiently, on time and to an appropriate standard both in relation to their own work and work that they lead or supervise